Excellent!!!!!!!!!!!!!vma flags represent a private vma with read/write/exec-privilege butwith no rwe currently enabled. Page flags are normal for a residentswap-cached anonymous page with no IO in flight. The page count, 2, isalso normal for a cached anonymous page. The pte, 6a8042, is not normalat all. It is marked non-present (the lowest bit is clear) but_PAGE_PROTNONE. That changes everything.

Thanks --- this tells us exactly what has gone wrong, I think.Something, somewhere, (electric fence, perhaps?) has set up a region ofmemory with no access allowed. There is a page mapped, but it is notvisible to the process: somebody has done an mprotect() to eliminate thevisibility of the page. That clears the _PAGE_PRESENT bit on the ptebut keeps the _PAGE_PROTNONE bit set, and _PAGE_PROTNONE is an alias for_PAGE_RW!! That's the trouble: the pte_write() test to see if a page iswritable tests the _PAGE_RW bit but fails to first of all check whetheror not _PAGE_PRESENT is set in the first place.

I've just tried to reproduce this with the program at the end, whichcreates page of local memory, allows it to be swapped out, then pages itin and marks it PROT_NONE. I got a slightly different end result,exactly the same, on two attempts out of two:

swap_free: Trying to free nonexistent swap-page

which also quite possibly results from the swap cache code seeing thispage as writable when it is not. Anyway, it is now clear that we canreproduce some rather undesirable behaviour using PROT_NONE, and the ptetrace from your own report also indicates that it may be the source ofyour own problems.

I _think_ that on Intel we can fix much of this by correcting the macro

extern inline int pte_write(pte_t pte) { return pte_val(pte) & _PAGE_RW; }to check for (_PAGE_RW && !_PAGE_PRESENT). I'm not entirely sure yetthat this will be the end of it; tomorrow I'll have a dig around to seeif I can find any other nasties which might trip us up here. What arethe implications for other architectures which organise their ptesdifferently?--Stephen

----------------------------------------------------------------Run this. When it suspends itself, force it out to swap somehow thenbring the test program back with "%" at the shell. It will suspenditself again; at this point, the page should back in the swap cache andprotected PROT_NONE. Things now go wrong.protnone.c: